author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-20 01:59:01 +0000 |
---|---|---|
committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-20 01:59:01 +0000 |
commit | e0e087f07253fe3d95aeafdfa337463d4334b7fa (patch) | |
tree | a6fa2b390d98f6c3c0beef87915407c4d27c5ed6 /net/base/x509_certificate_openssl.cc | |
parent | b73bb80b3496c7e1e8de3d808fc451663885d0b7 (diff) | |
Change the HTTP cache to cache the entire certificate chain for SSL sites
When persisting an X509Certificate to a pickle, such as when storing to the HTTP cache, persist any intermediate certificates in addition to the end-entity certificate. This will allow the complete certificate chain to be displayed to the end user when viewing a cached entry, independent of whether a network request has been made to that site during the browsing session.
R=agl
BUG=7065
TEST=X509CertificateTest.Persist
Review URL: http://codereview.chromium.org/4645001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@82214 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/x509_certificate_openssl.cc')
-rw-r--r-- | net/base/x509_certificate_openssl.cc | 44 |
1 files changed, 24 insertions, 20 deletions
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
index 52d9d4e..10ce266 100644
--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -385,17 +385,6 @@ X509Certificate::OSCertHandles X509Certificate::CreateOSCertHandlesFromBytes(
 }
 // static
-X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle,
- void** pickle_iter) {
- const char* data;
- int length;
- if (!pickle.ReadData(pickle_iter, &data, &length))
- return NULL;
-
- return CreateFromBytes(data, length);
-}
-
-// static
 X509Certificate* X509Certificate::CreateSelfSigned(
 crypto::RSAPrivateKey* key,
 const std::string& subject,
@@ -405,15 +394,6 @@ X509Certificate* X509Certificate::CreateSelfSigned(
 return NULL;
 }
-void X509Certificate::Persist(Pickle* pickle) {
- DERCache der_cache;
- if (!GetDERAndCacheIfNeeded(cert_handle_, &der_cache))
- return;
-
- pickle->WriteData(reinterpret_cast<const char*>(der_cache.data),
- der_cache.data_length);
-}
-
 void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const {
 dns_names->clear();
@@ -533,4 +513,28 @@ bool X509Certificate::IsSameOSCert(X509Certificate::OSCertHandle a,
 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0;
 }
+// static
+X509Certificate::OSCertHandle
+X509Certificate::ReadCertHandleFromPickle(const Pickle& pickle,
+ void** pickle_iter) {
+ const char* data;
+ int length;
+ if (!pickle.ReadData(pickle_iter, &data, &length))
+ return NULL;
+
+ return CreateOSCertHandleFromBytes(data, length);
+}
+
+// static
+bool X509Certificate::WriteCertHandleToPickle(OSCertHandle cert_handle,
+ Pickle* pickle) {
+ DERCache der_cache;
+ if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache))
+ return false;
+
+ return pickle->WriteData(
+ reinterpret_cast<const char*>(der_cache.data),
+ der_cache.data_length);
+}
+
 } // namespace net |
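Review bot: In `ReadCertHandleFromPickle`, `length` is taken straight from the pickle and handed to `CreateOSCertHandleFromBytes` with no check of its own, and per the commit description this pickle is read back from the HTTP cache, so the bytes should be treated as untrusted input to the DER parser. Unless `Pickle::ReadData` already guarantees a positive length (not visible in this diff), I would tighten the guard to `if (!pickle.ReadData(pickle_iter, &data, &length) || length <= 0) return NULL;`. Neither new helper documents its contract; a comment above the reader such as `// Returns a handle the caller must release, or NULL if the pickled data is missing or is not a parseable certificate.` would help, with the ownership wording to be confirmed against the header. In `WriteCertHandleToPickle`, `der_cache.data_length` is passed directly to `WriteData`, so it is worth confirming the two types agree and that no narrowing happens for an oversized certificate.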